hashdata digest

git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@82 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
author: clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> 2008-10-07 17:59:28 +0000
committer: clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> 2008-10-07 17:59:28 +0000
commit: 35364f7492308692bd690c17f5527f4157eb583a (patch)
tree: 8b0b56620cc33747071033778204fa93239fdacc /BKUApplet/src
parent: 5702f241064f90106e8495f3cf23b6e6798d6501 (diff)
download: mocca-35364f7492308692bd690c17f5527f4157eb583a.tar.gz
mocca-35364f7492308692bd690c17f5527f4157eb583a.tar.bz2
mocca-35364f7492308692bd690c17f5527f4157eb583a.zip
2 files changed, 45 insertions, 17 deletions
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/WSSignRequestHandler.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/WSSignRequestHandler.java
index 5f422164..3a36a290 100644
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/WSSignRequestHandler.java
+++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/WSSignRequestHandler.java
@@ -31,6 +31,7 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
+import java.util.Map.Entry;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
@@ -58,15 +59,18 @@ public class WSSignRequestHandler extends SignRequestHandler {
     GetHashDataInputType request = new GetHashDataInputType();
     request.setSessionId(sessId);
 
-    HashMap<String, ReferenceType> idRefMap = new HashMap<String, ReferenceType>();
-    for (ReferenceType reference : signedReferences) {
+    HashMap<String, ReferenceType> idSignedRefMap = new HashMap<String, ReferenceType>();
+    for (ReferenceType signedRef : signedReferences) {
       //don't get Manifest, QualifyingProperties, ...
-      if (reference.getType() == null) {
-        String referenceId = reference.getId();
-        if (referenceId != null) {
-          idRefMap.put(referenceId, reference);
+      if (signedRef.getType() == null) {
+        String signedRefId = signedRef.getId();
+        if (signedRefId != null) {
+          if (log.isTraceEnabled()) {
+            log.trace("requesting hashdata input for reference " + signedRefId);
+          }
+          idSignedRefMap.put(signedRefId, signedRef);
           GetHashDataInputType.Reference ref = new GetHashDataInputType.Reference();
-          ref.setID(referenceId);
+          ref.setID(signedRefId);
           request.getReference().add(ref);
 
         } else {
@@ -76,31 +80,52 @@ public class WSSignRequestHandler extends SignRequestHandler {
     }
 
     if (log.isDebugEnabled()) {
-      log.debug("Calling GetHashDataInput for session " + sessId);
+      log.debug("Calling GetHashDataInput for " + request.getReference().size() + " references in session " + sessId);
     }
     GetHashDataInputResponseType response = stalPort.getHashDataInput(request);
     ArrayList<HashDataInput> hashDataInputs = new ArrayList<HashDataInput>();
 
+    //hashdata inputs returned from service
+    HashMap<String, GetHashDataInputResponseType.Reference> idRefMap = new HashMap<String, GetHashDataInputResponseType.Reference>();
     for (GetHashDataInputResponseType.Reference reference : response.getReference()) {
-
       String id = reference.getID();
       byte[] hdi = reference.getValue();
       if (hdi == null) {
-        throw new Exception("Failed to resolve digest value for reference " + id);
+        throw new Exception("Did not receive hashdata input for reference " + id);
+      }
+      idRefMap.put(id, reference);
+    }
+    
+    for (String signedRefId : idSignedRefMap.keySet()) {
+      log.info("validating hashdata input for reference " + signedRefId);
+      
+      GetHashDataInputResponseType.Reference reference = idRefMap.get(signedRefId);
+      if (reference == null) {
+        throw new Exception("No hashdata input for reference " + signedRefId + " returned by service");
       }
+      
+//    }
+//    
+//    for (GetHashDataInputResponseType.Reference reference : response.getReference()) {
+//
+//      String id = reference.getID();
+      byte[] hdi = reference.getValue();
       String mimeType = reference.getMimeType();
       String encoding = reference.getEncoding();
 
+      if (hdi == null) {
+        throw new Exception("No hashdata input provided for reference " + signedRefId);
+      }
       if (log.isDebugEnabled()) {
-        log.debug("Got HashDataInput " + id + " (" + mimeType + ";" + encoding + ")");
+        log.debug("Got HashDataInput " + signedRefId + " (" + mimeType + ";" + encoding + ")");
       }
 
-      ReferenceType dsigRef = idRefMap.get(id);
+      ReferenceType dsigRef = idSignedRefMap.get(signedRefId);
       DigestMethodType dm = dsigRef.getDigestMethod();
+      
       if (dm == null) {
-        throw new Exception("Failed to verify digest value for reference " + id + ": no digest algorithm");
+        throw new Exception("Failed to verify digest value for reference " + signedRefId + ": no digest algorithm");
       }
-      //TODO 
       String mdAlg = dm.getAlgorithm();
       if ("http://www.w3.org/2000/09/xmldsig#sha1".equals(mdAlg))
         mdAlg = "SHA-1";
@@ -120,15 +145,18 @@ public class WSSignRequestHandler extends SignRequestHandler {
         mdAlg = "MD5";
       else if ("http://www.w3.org/2001/04/xmlenc#ripemd160 ".equals(mdAlg))
         mdAlg = "RipeMD-160";
+      else {
+        throw new Exception("Failed to verify digest value for reference " + signedRefId + ": unsupported digest algorithm " + mdAlg);
+      }
       MessageDigest md = MessageDigest.getInstance(mdAlg);
       byte[] hdiDigest = md.digest(hdi);
       if (log.isDebugEnabled())
         log.debug("Comparing digest values... "); 
       if (!Arrays.equals(hdiDigest, dsigRef.getDigestValue())) {
         log.error("digest values differ: " + new String(hdiDigest) + ", " + new String(dsigRef.getDigestValue()));
-        throw new DigestException("Bad digest value for reference " + id + ": " + dsigRef.getDigestValue());
+        throw new DigestException("Bad digest value for reference " + signedRefId + ": " + new String(dsigRef.getDigestValue()));
       }
-      hashDataInputs.add(new ByteArrayHashDataInput(hdi, id, mimeType, encoding));
+      hashDataInputs.add(new ByteArrayHashDataInput(hdi, signedRefId, mimeType, encoding));
     }
     return hashDataInputs;
   }
diff --git a/BKUApplet/src/main/resources/simplelog.properties b/BKUApplet/src/main/resources/simplelog.properties
index d62508cf..51be76a8 100644
--- a/BKUApplet/src/main/resources/simplelog.properties
+++ b/BKUApplet/src/main/resources/simplelog.properties
@@ -15,7 +15,7 @@
 
 # Logging detail level,
 # Must be one of ("trace", "debug", "info", "warn", "error", or "fatal").
-org.apache.commons.logging.simplelog.defaultlog=debug
+org.apache.commons.logging.simplelog.defaultlog=trace
 # Logs the Log instance used
 org.apache.commons.logging.simplelog.showlogname=true
 #Logs the class name with package(or Path)
author	clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>	2008-10-07 17:59:28 +0000
committer	clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>	2008-10-07 17:59:28 +0000
commit	35364f7492308692bd690c17f5527f4157eb583a (patch)
tree	8b0b56620cc33747071033778204fa93239fdacc /BKUApplet/src
parent	5702f241064f90106e8495f3cf23b6e6798d6501 (diff)
download	mocca-35364f7492308692bd690c17f5527f4157eb583a.tar.gz mocca-35364f7492308692bd690c17f5527f4157eb583a.tar.bz2 mocca-35364f7492308692bd690c17f5527f4157eb583a.zip